Versions Type Operating system Dependencies Configuration Local log file Changelog

Token exchange service

The token exchange service component (aws.greengrass.TokenExchangeService) provides AWS credentials that you can use to interact with AWS services in your custom components.

The token exchange service runs an Amazon Elastic Container Service (Amazon ECS) container instance as a local server. This local server connects to the AWS IoT credentials provider using the AWS IoT role alias that you configure in the Greengrass core nucleus component. The component provides two environment variables, AWS_CONTAINER_CREDENTIALS_FULL_URI and AWS_CONTAINER_AUTHORIZATION_TOKEN. AWS_CONTAINER_CREDENTIALS_FULL_URI defines the URI to this local server. When a component creates an AWS SDK client, the client recognizes this URI environment variable and uses the token in the AWS_CONTAINER_AUTHORIZATION_TOKEN to connect to the token exchange service and retrieve AWS credentials. This allows Greengrass core devices to call AWS service operations. For more information about how to use this component in custom components, see Interact with AWS services.

Important

Support to acquire AWS credentials in this way was added to the AWS SDKs on July 13th, 2016. Your component must use an AWS SDK version that was created on or after that date. For more information, see Using a supported AWS SDK in the Amazon Elastic Container Service Developer Guide.

Versions

This component has the following versions:

2.0.x

Type

This component is a generic component (aws.greengrass.generic). The Greengrass nucleus runs the component's lifecycle scripts.

For more information, see Component types.

Operating system

This component can be installed on core devices that run the following operating systems:

Linux
Windows

Dependencies

This component doesn't have any dependencies.

Configuration

This component doesn't have any configuration parameters.

Local log file

This component uses the same log file as the Greengrass nucleus component.

To view this component's logs

Run the following command on the core device to view this component's log file in real time. Replace /greengrass/v2 or C:\greengrass\v2 with the path to the AWS IoT Greengrass root folder.
Linux
```
sudo tail -f /greengrass/v2/logs/greengrass.log
```
Windows (PowerShell)
```
Get-Content C:\greengrass\v2\logs\greengrass.log -Tail 10 -Wait
```

Changelog

The following table describes the changes in each version of the component.

Version	Changes
2.0.3	Initial version.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Systems Manager Agent

IoT SiteWise OPC UA collector